Microsoft has asked Slashdot to remove some reader posts from a news item entitled "Kerberos, PACs, and Microsoft's Dirty Tricks". The news item discusses Microsoft's proprietary version of the Kerberos security model, and Microsoft claims that copyrighted materials are posted or linked to in several of the user posts.

Slashdot has posted the e-mail that Andover.net, the parent company of Slashdot, received from Microsoft, as well as its response.

Andover.net and Slashdot.org are seeking advice from their readers, as well as the advice of counsel. For more information on Kerberos, check the Kerberos page at MIT.

ROB'S OPINION
Many people were quite irritated when Microsoft decided to add its own Kerberos extensions to Windows 2000, and not tell anyone what those extensions were, causing potential communications problems between Windows 2000 and other servers. Apparently, Microsoft is of the opinion that secrecy creates higher security. In reality, the best security is laid out in the open and poked at by groups of intelligent people. Then the model is updated so that even the people that found holes in it cannot break through again.

I applaud Slashdot and Andover.net for their initial stand against Microsoft on the issue of censorship. At the root of the issue is whether Microsoft legally has the right to keep its Kerberos extensions under copyright. As far as I recall, Kerberos extensions could only be kept private for in-house development. Obviously, Microsoft's Windows 2000 goes a bit beyond that. Assuming that Microsoft's extensions can be protected (which I doubt), the next issue is whether Slashdot should be forced to censor user comments that reveal pieces of the Microsoft Kerberos additions, and even links to places that reveal that information. Remember as well that Microsoft has made the spec publicly available as long as you agree to certain terms–including that you don't tell anyone else the spec. Clearly, that's a ridiculous premise.

Sometimes I wonder whether or not Microsoft should be split up, but lately I can only say that the government isn't doing it fast enough. Microsoft's business plan is to make everything proprietary Microsoft–including all standards. Microsoft found what it hopes is a loophole in the Kerberos specification that allows it to add its own extensions, and it took advantage. Now, it faces the backlash.